Written by Mark Russinovich, Chief Technology Officer and Technical Fellow, Microsoft Azure

“Continuing our Advancing Reliability blog series, which highlights key updates and initiatives related to improving the reliability of the Azure platform and services, today we turn our focus to Azure Active Directory (Azure AD). We laid out the core availability principles of Azure AD as part of this series back in 2019 so I’ve asked Nadim Abdo, Corporate Vice President, Engineering, to provide the latest update on how our engineering teams are working to ensure the reliability of our identity and access management services that are so critical to customers and partners.”—Mark Russinovich, CTO, Azure

The most critical promise of our identity services is ensuring that every user can access the apps and services they need without interruption. We’ve been strengthening this promise to you through a multi-layered approach, leading to our improved promise of 99.99 percent authentication uptime for Azure Active Directory (Azure AD). Today, I am excited to share a deep dive into generally available technology that allows Azure AD to achieve even higher levels of resiliency.

The Azure AD backup authentication service transparently and automatically handles authentications for supported workloads when the primary Azure AD service is unavailable. It adds an additional layer of resilience on top of the multiple levels of redundancy in Azure AD. You can think of it as a backup generator or uninterrupted power supply designed to provide additional fault tolerance while staying completely transparent and automatic to you. This system operates in the Microsoft cloud but on separate and decorrelated systems and network paths from the primary Azure AD system. This means that it can continue to operate in case of service, network, or capacity issues across many Azure AD and dependent Azure services.

Read the full article